Update 12:35 p.m. PDT: I clarified this post to reflect the fact that this involves encryption only between a user's browser and Gmail's servers.

Gmail now can be set to encrypt communications between a browser and Google's servers by default, an option that makes the e-mail service harder to snoop on but also potentially slower.

Users already could encrypt communications with Gmail servers (by going to https://mail.google.com), but on Thursday, the company added an option to use that encrypted connection automatically.

Gmail now can be set to encrypt communications with its users by default.
Google

"Your computer has to do extra work to decrypt all that data, and encrypted data doesn't travel across the Internet as efficiently as unencrypted data," Gmail engineer Ariel Rideout said in a blog post Thursday. "That's why we leave the choice up to you."

The encryption comes through use of HTTPS, a secure version of the HTTP protocol that governs how Web browsers fetch information from servers. It's not simple to snoop on somebody else's network traffic, but it can be done when the communications aren't encrypted.

HTTPS encrypts communications only between the browser and Gmail's servers. It's not like PGP (nee Pretty Good Privacy) or GPG (GNU Privacy Guard) software that encrypts e-mail all the way from source to destination.

About the author

Stephen Shankland has been a reporter at CNET since 1998 and covers browsers, Web development, digital photography and new technology. In the past he has been CNET's beat reporter for Google, Yahoo, Linux, open-source software, servers and supercomputers. He has a soft spot in his heart for standards groups and I/O interfaces.
See full bio